KT Connections Blog

KT Connections has been serving the Rapid City area since 1997, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Bad Rabbit Ransomware Strikes Targets in Eastern Europe

In yet another widespread ransomware attack, Eastern European countries saw an assortment of their critical institutions and infrastructure struck by an infection known as Bad Rabbit. Government buildings, media establishments, and transportation centers were among the targets of this attack.

Focused in Russia and Ukraine but also spotted in Bulgaria, Germany, and Turkey, Bad Rabbit shut down Russia’s Interfax Agency--a major news outlet--as well as Ukraine’s Kiev Metro, the Odessa International Airport, and both the Ministry of Infrastructure and the Ministry of Finance. The attack on Kiev Metro was found to leverage Diskcoder.D, yet another variant of the infamous Petya ransomware.

Fortunately, Bad Rabbit is considerably less likely to repeat what WannaCry managed to accomplish during its spread across Europe and, to a lesser extent, North America. This is because, instead of relying on a worm as WannaCry did, Bad Rabbit is first downloaded while disguised as an Adobe Flash installer on legitimate websites, and then uses a Server Message Block (SMB) vulnerability called EternalRomance to spread. It would also appear that Bad Rabbit and NotPetya (another significant ransomware attack) were deployed by the same threat actor, as 67 percent of their codebases are the same.

There is also evidence that this threat actor is a Game of Thrones fan, as the code strings used in Bad Rabbit include character names from the novels and television series.

Unfortunately, Bad Rabbit should not have been able to spread as far as it has, as Microsoft released a patch for EternalRomance in March, when the EternalBlue vulnerability was also patched. This makes the attack yet another example of why it is crucial to install patches and updates when they are released--if the organizations affected by Bad Rabbit had done so, they would not be in the position they are in now.

KT Connections can help you make sure that your systems are not left vulnerable to attacks like this by managing your patches and updates for you. Reach out by calling 605-341-3873 for more information.

 
